1.6 System Security Flashcards
Define malware
MALicious softWARE written to infect computers and commit crimes such as fraud and identity theft.
Define virus
Malware designed to cause harm to a network or computer.
Most have a human element to them.
Attaches itself to programs or files on a computer or server.
Almost all are attached to an executable file, so the virus may exist on a system; won’t be active or able to spread until a user runs or opens the malicious host file or program.
Often spread through files, programs, emails, messages or games that you download.
Define worms
Replicates itself to spread to other computers often using a computer network and fills up the RAM.
To achieve this, the worm exploits vulnerabilities across the computer network.
Unlike a virus, it doesn’t need to attach to a program.
Define trojan horse
Harmful piece of software that looks legitimate.
Users are typically tricked into loading and executing it on their systems.
After it’s activated, it can achieve any number of attacks on the host.
Create back doors to give malicious users access to the system.
Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the internet.
Define network policies
How a system can be secured through specific rules or requirements.
Define firewalls
Software that performs a “barrier” between a potential attacker and the computer system.
Can be held on a server, or a standalone computer.
Many have this feature as part of an anti-virus package.
Not 100% effective – an attacker could exploit a vulnerability.
Monitors applications and network usages.
Can block access from certain computer users and disable processes which may be perceived as a threat.
Define penetration testing
Tests performed under a controlled environment by a qualified person.
Checks for current vulnerabilities and explores potential ones in order to expose weaknesses in the system so they can’t be maliciously exploited.
May use tools to help them in their duties.
What are the effects of malware?
1) Computer may crash, reboot spontaneously or slow down without any logical explanation.
2) When a worm infects a computer, the internet connection may become slow as the worm searches online for other computers to infect.
3) Files may be deleted, become corrupt or encrypted.
4) Hackers record typed keys of computer so they know passwords.
How can you prevent malware?
1) Strong security software (firewall, spam filter, anti-virus, anti-spyware, anti-spam).
2) Enable OS updates.
3) Staff training: caution opening attachments.
4) Back up files regularly.
Define social engineering
Relies on human interaction (social skills).
Commonly involves tricking users into breaking normal security procedures.
Method doesn’t revolve around technical cracking techniques such as: worms or viruses.
Define phishing
Form of social engineering.
Designed to acquire sensitive information such as: usernames, passwords, card details etc.
Most common phishing attacks are sent through email.
What are the effects of phishing?
1) Accessing a victim’s account and withdraw money or purchase merchandise or services.
2) Open new bank or credit-card accounts in a victim’s names, and use the new account to cash illegitimate checks or purchase merchandise.
3) Gaining access high-value corporate data.
4) Financial services can blacklist institutions, resulting in reputational damage.
How can you prevent phishing?
1) Strong security software (firewall, spam filter, anti-virus, anti-spam).
2) Staff training: awareness of spotting fake websites & amp; emails.
3) Staff training: never disclose personal or financial information.
4) Staff training: disable pop-ups.
Define brute force attack
Trial and error method used by programs to decode encrypted data such as: passwords or Data Encryption Standard (DES) keys, through exhaustive effort rather than employing intellectual strategies.
What are the effects of brute force attack?
1) Theft of data.
2) Access to corporate systems.
How can you prevent brute force attacks?
1) Network lockout policy: locks out after number of tries expires.
2) Effective software: progressive delays.
3) Staff training: using effective passwords that contain symbols and numbers.
4) Challenge response tests e.g. reCAPTCHA.
Define denial of service attack
Flooding a server with useless traffic causes servers to become overloaded preventing them responding to legitimate client-server requests from users.
What are the effects of denial of service attack?
1) Revenue losses: downtime affects profits.
2) Productivity Loss.
3) Reputation Damage.
How can you prevent denial of service attacks?
1) Strong security software (firewall).
2) Packet filters on routers.
3) Configuration of the web server.
4) Good network policy: audits, logs, monitoring.
Define data interception and theft
An attacker monitors data streams to/from a target, in order to gather sensitive information.
What are the effects of data interception and theft?
1) Discovering username and password credentials.
2) Gaining access to systems.
3) Disclosure of corporate data.
4) Theft of data.
How can you prevent data interception and theft?
1) Strong encryption.
2) Using virtual networks.
3) Staff training: use of passwords, locking and portable storage devices.
4) Network forensics.
Define SQL injection
A code injection technique, used to attack data-driven applications.
What are the effects of SQL injection?
1) Contents of the database can be output, revealing data that otherwise would be hidden.
2) Data in the database can be amended and deleted.
3) New rogue records can be added.
How can you prevent SQL injection?
1) Validation of input fields.
2) Using parameterised queries.
3) Using database permissions.
4) Penetration testing.
There are few/many ways in which networks can be attacked
many
True/False: Networks can be attacked by targeting the people who use them
True
What does social engineering involve?
Tricking people into divulging secret information such as passwords and login information
Give an example of private information that can be given when tricking people as a result of social engineering
Anything such as passwords, login information, etc
What does phishing involve?
Emailing someone claiming or appearing to be from a bank or building society e-commerce site, asking for details of passwords or credit cards
What does shouldering involve?
Finding passwords and PINs by watching people enter them. This could happen in a busy office or at a distance using binoculars or recording equipment
All organisations should have an __________ use policy
acceptable
What must users do when there is an acceptable use policy in place?
Read it, sign it and abide by it
List things that should be included in an acceptible use policy
Any from users must not use their own devices on the network, users must not download files from the internet, etc
Why should users on a network not use their own devices such as USB flash drives?
These pose a threat as malware can be introduced to the network and data can be removed and stolen
Why should users connected to a network not download files from the internet?
They could be infected with malware
____ passwords are a major security risks
Weak
What is a weak password?
A password that can be easily and quickly guessed by humans and computers
Hackers often use _____-_____ techniques to try different combinations of letters, numbers and symbols to get in to a system
brute force
Brute-force software tries…to get in to a system
every single combination of letters, numbers and symbols until it finds the correct combination
A long password with a combination of what will take longer to guess?
Letters, numbers and symbols
Passwords should be changed _________
regularly
True/False: You should reuse old passwords
False, old passwords should never be reused
Why should dates of birth and relatives names never be used in passwords?
Hackers can find them out
Many forms of attack target users by getting them to install _______ (harmful software) on their computers
malware
What is malware?
Software that has been designed to gain unauthorised access to a computer system in order to disrupt its functioning, or collect information
Malware is software that has been designed to gain unauthorised access to a computer system in order to…
disrupt its functioning, or collect information
Malware is software that has been designed to gain what to a computer system?
Unauthorised access
What is a virus?
A computer program hidden inside another program which can delete or corrupt data on an infected computer
A virus can _________ itself and insert itself into other programs or files that can then be passed on
replicate
Viruses can delete or _______ data held on an infected computer
corrupt